3.1.9

Upgrading

File permissions

This release makes an important change to File DataObject permissions in order to close a vulnerability in
file modification privileges.

By default the minimum necessary permission required by any user to modify files has been changed
to CMS_ACCESS_AssetAdmin. If you need unauthenticated users, or users with other rights, to edit certain
files, then you will need to customise this.

An example use case is when you want to use UploadField on the frontend, where files could be uploaded
by non-admin users, and your above logic will need to ensure that those users can edit their own files
after they have uploaded it.

2014-09-02 1f4f5e6 Fix versioned Versioned is not writing Version to _version tables for subclasses of Version dataobjects which have their own DB fields - Fix disjoint of ID / RecordID (which should be the same) - Fix calculation of new record version - Fix use of empty vs !isset to check for existing version (Damian Mooyman)